Securing Layer 2 in Local Area Networks.

Network security problems have been well known and addressed in the application, transport, or network layers. However, the Data Link Layer (Layer 2) security has not been adequately addressed yet. To secure Local or Metropolitan Area Networks, the IEEE 802.1AE Media Access Control (MAC) Security Task Group has proposed the IEEE P802.1AE Standard for Local and Metropolitan Area Networks: MAC Security (MACsec). MACsec introduces a new tag field, Security TAG (SecTAG), in Layer 2 frames. In this paper, we discuss the security concerns in Layer 2 and summarize some of the possible attacks in Layer 2 in Internet Protocol (IP) over Ethernet networks. We also provide an overview of the MACsec. Lastly, we propose to incorporate additional fields into the SecTAG to improve security in local area networks. [ABSTRACT FROM AUTHOR]